Need help or advice?
Call us FREE 0800 298 2375

Monthly Archives: December 2016

INFO: Netgear router vulnerabilities

The following routers are vulnerable as below. New firmware has been released for some of the models and is available from here: http://kb.netgear.com/000036386/CVE-2016-582384

Vulnerability Note VU#582384

Netgear R7000, firmware version 1.0.7.2_1.1.93 and possibly earlier, R6400, firmware version 1.0.1.12_1.0.11 and possibly earlier, and R8000, firmware version 1.0.3.4_1.1.2 and possibly earlier, contain an arbitrary command injection vulnerability.

By convincing a user to visit a specially crafted web site, a remote, unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. An unauthenticated, LAN-based attacker may do the same by issuing a direct request, e.g. by visiting:

http:///cgi-bin/;COMMAND

An exploit demonstrating these vulnerabilities has been publicly disclosed.

Netgear’s advisory confirms that the R6200, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000 are vulnerable, though affected firmware versions are not enumerated. The vendor has indicated that their advisory will be updated as firmware updates are released.

Possible LNS Issue 01/12/2016

We are seeing some oddness on one of our LNS routers which terminates some of our broadband circuits. We believe this is only affecting our management access and not the service provided over this.

We are working with the vendor to understand this and hopefully resolve this. Assuming this is not customer affecting we may need to reboot this LNS later this evening causing a brief network blip as the sessions re-connect.

IF we find this is affecting service earlier we may have to perform the reboot earlier. We will update this as we know more

 

EMERGENCY CONTACTS

The main support number is 0845 330 0666 (geographical 01480 355566)

There’s a second, fallback (geographical) number: 01480 411616. All numbers ring directly at our support centre, manned 24hrs x 365 days a year.

We'd also suggest that all customers subscribe to our mailing list (link above); status messages and updates will be delivered by email.

Subscribe